Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Java : Education - Tutorials
Java security, Part 2: Authentication and authorization		ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPreviousNext
5. JAAS example
  


A failed authentication page 4 of 8


Just for fun, let's see what happens when we do something wrong. In the example below, the setup is the same but we'll enter a wrong password for joeuser. Check the output below and see for yourself how it differs from the above results.


AlwaysLoginModule Login
Username? Brad

Login: AlwaysLoginModule SUCCESS

PasswordLoginModule Login
Username? joeuser
Password? wrongpw

Login: PasswordLoginModule Username Matches
Login: PasswordLoginModule Password Mismatch
Login: PasswordLoginModule FAIL
Commit: AlwaysLoginModule SUCCESS
Commit: PasswordLoginModule FAIL

OVERALL AUTHENTICATION SUCCEEDED

Subject:
           Principal: Brad

Payroll Access DENIED
Subject has Personnel access

Logout: AlwaysLoginModule SUCCESS
Logout: PasswordLoginModule SUCCESS

As you can see, the PasswordLoginModule login has failed. Because this module is configured optional in the login.config file, however, the overall authentication was still a success. The difference is that only the Brad Principal has been added to the Subject. The payroll program could not find a joeuser Principal, so access was denied. The personnel program was able to match the Brad Principal with the Brad grant statement, so it was successfully added and access was granted.

In the next several panels, we'll try out a few different variations in how we configure the login.config file, then check the results for each new config.


Main menuSection menuFeedbackPreviousNext
Privacy Legal Contact